CVE-2005-3553 in PHPKITinfo

Summary

Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 R2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in conjunction with the login/userinfo.php path and (2) the session parameter (aka the PHPKITSID variable).

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsible

Reservation

11/16/2005

Disclosure

11/16/2005

Moderation

VulDB entry created

Entries

VDB-26886

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.01887

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-3553
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3553
CVE Details	https://www.cvedetails.com/cve/CVE-2005-3553/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!